CVE-2026-9346 PUBLISHED

Edimax EW-7438RPn webs formWirelessTbl buffer overflow

Assigner: VulDB
Reserved: 23.05.2026 Published: 24.05.2026 Updated: 24.05.2026

A flaw has been found in Edimax EW-7438RPn up to 1.31. This impacts the function formWirelessTbl of the file /goform/formWirelessTbl of the component webs. Executing a manipulation of the argument submit-url can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
CVSS Score: 8.7

Product Status

Vendor Edimax
Product EW-7438RPn
Versions
  • Version 1.0 is affected
  • Version 1.1 is affected
  • Version 1.2 is affected
  • Version 1.3 is affected
  • Version 1.4 is affected
  • Version 1.5 is affected
  • Version 1.6 is affected
  • Version 1.7 is affected
  • Version 1.8 is affected
  • Version 1.9 is affected
  • Version 1.10 is affected
  • Version 1.11 is affected
  • Version 1.12 is affected
  • Version 1.13 is affected
  • Version 1.14 is affected
  • Version 1.15 is affected
  • Version 1.16 is affected
  • Version 1.17 is affected
  • Version 1.18 is affected
  • Version 1.19 is affected
  • Version 1.20 is affected
  • Version 1.21 is affected
  • Version 1.22 is affected
  • Version 1.23 is affected
  • Version 1.24 is affected
  • Version 1.25 is affected
  • Version 1.26 is affected
  • Version 1.27 is affected
  • Version 1.28 is affected
  • Version 1.29 is affected
  • Version 1.30 is affected
  • Version 1.31 is affected

Credits

  • Bond (VulDB User) reporter
  • VulDB CNA Team coordinator

References

Problem Types

  • Buffer Overflow CWE
  • Memory Corruption CWE